[MlMt] What is happening

Billy Youdelman billy at MIX.ORG
Fri Feb 24 03:38:54 EST 2017


On 24 Feb 2017, at 0:50 MST, Robert M. Münch wrote:

> Hi, I think that's Appel's sandboxing where apps are run from random 
> paths. LS should handle this, I'm using it too and don't see this 
> effect for any apps. But I'm not using MM 2 beta.

https://developer.apple.com/library/prerelease/content/technotes/tn2206/_index.html

Scroll down to...

----

Shipping your Signed Code

The preferred way to ship a signed app is via the Mac App Store. The Mac 
App Store provides a secure channel for app delivery and installation 
that requires minimal action on the part of the user.

For distribution outside of the Mac App Store, the preferred options are 
to use a signed disk image (DMG) or signed installer package. Signing 
these allows validation of the contents and their source. ZIP archives 
may also be used, but this is discouraged.

If using a disk image to ship an app, users should drag the app from the 
image to its desired installation location (usually /Applications) 
before launching it. This also applies to apps installed via ZIP or 
other archive formats or apps downloaded to the Downloads directory: ask 
the user to drag the app to /Applications and launch it from there.

This practice avoids an attack where a validly signed app launched from 
a disk image, ZIP archive, or ISO (CD/DVD) image can load malicious code 
or content from untrusted locations on the same image or archive. 
Starting with macOS Sierra, running a newly-downloaded app from a disk 
image, archive, or the Downloads directory will cause Gatekeeper to 
isolate that app at a unspecified read-only location in the filesystem. 
This will prevent the app from accessing code or content using relative 
paths.

----

I must add I personally prefer the simplicity of zip archives, and hope 
this does not lead to their demise.

Dragging the expanded application program to the /Applications directory 
also kills the translocation sandboxing...  NB this means you must 
uncompress it anywhere but in the dir from which you intend to run it.  
My impression is when MailMate updates itself this is done in 
Library/Caches/... and thus should not be a problem.

ビリー ヨーデルマん
+1 310 839 7673
http://MIX.ORG/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freron.com/pipermail/mailmate/attachments/20170224/a329e382/attachment.html>


More information about the mailmate mailing list